RSS

How-To Geek

If you have a PC infected with Security Tool, you’re probably reading this article so you can understand how to get rid of it. Thankfully we’ve got the instructions to help you get rid of this virus.

Security Tool is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.

This particular virus blocks you from doing most things, like Task Manager…

It also gives you loads of error messages that just seem to pop up constantly.

And worse, it blocks you from running malware removal tools:

First we’ll walk through the general steps that usually apply, but you can skip down to read the specific steps that we used to remove this virus.

Removing Rogue Fake Antivirus Infections (General Guide)

There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).

Removing Security Tool

Since the above steps don’t always work, and Security Tool seemed to do a pretty good job of killing the malware removal tools I tried to use, I found another method to kill the virus off so I could begin the work of removing it.

First, we’ll need to know the username—if you aren’t sure what that is, right-click on the Start button and choose Open, then you can see it right in the location bar:

Next, open up the Start Menu, and then click the Run button (or use the Win+R shortcut key), and then type in the following command, substituting your own username if it is something other than administrator.

taskkill /f /fi “username eq administrator”

Note: If it doesn’t kill the virus the first time, you might have to use it again. Don’t be alarmed when your start menu disappears.

If all went well, the virus is dead and so is everything else including your start menu. Use the Ctrl+Shift+Esc shortcut key combination, and then go to File –> Run, and type in explorer to re-open the start menu and taskbar.

Note: If you find that the virus still isn’t dead, you can repeat the steps again.

If you grabbed the full version, make sure to use the Check for Updates button, and then click the Scan Your Computer button… make sure to perform a Complete Scan, and select all of your drives.

Once it’s done, it’ll let you remove them all in a click, and then prompt you to reboot. Job isn’t done, however!

Install Malwarebytes and Scan

Next you’ll want to install MalwareBytes and run it, making sure to run a full scan. The main reason to do this is because there’s no way a single malware removal tool can know about every single piece of malware out there, and you may as well make sure your system is clean.

Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.

What About You? Had any Virus-Killing Experiences?

Have you had any experience lately killing this virus, or other similar ones? Let us know in the comments, or feel free to email into the tips line at tips@howtogeek.com with your best method for killing these viruses. We’d love to hear your expert feedback!

Comments (186)

I just had to remove malware last night on my dad’s friends computer. The thing was riddled with malware, couldn’t open task manager, I got IE pop ups literally every 3 seconds. Tried running malware removal tools but the thing was just so bogged down on crap. Botted into Ubuntu LiveUSB, backed up data, formated and rebooted Windows. All done in an hour and half.

I tried various things that were similar to what is suggested above to get rid of Antivirus Live. When I ran windows in safemode with networking, Malware Bytes wasn’t able to find the virus, I think because it wasn’t running yet. I ran windows normally, then as soon as my desktop came up I started Malware Bytes and started a scan. Within a few seconds I started getting pop-ups from the virus, but Malware Bytes was already working. I did have to try and eliminate some of the pop-ups because at one time I came back to my screen and had 3 tabs open on Internet Exporer and they were all hardcore porn. Good thing my 6 year wasn’t in the room. Had to disconnect the net to keep that from happening. Eventually Malware Bytes finished its scan finding 5 infections and I have been clean for weeks now.

I’m having problems running “taskkill”. I’ve noticed you mentioned using it a few different times like in in this one and another where you run “taskkill /f /im winlogon86.exe” etc. I’m trying to fix my friends computer and every time I try to run it says taskkill isn’t a recognized command. Am I’m missing something here?

Once my pc was infected with kidoh(conflicker worm) with Kaspersky installed. Kas gave me a lot of indound attacks warning. kas detected it but couldnt remove it. using registry manual had to remove the keys and delete virused files and had format all cds and pen drives. Kaspersky is good at detection but poor at removal so i switched to eset

If you’re quick enough, you can open task manager before the virus loads and blocks it from launching. I was able to do this to remove anti-virus 2010 from a friends machine. Once I had that removed, I went into msconfig and disabled it from starting up (incase it or some other virus blue-screened me while scanning). I was then able to run mbam and remove it fully.

Just remember, a virus is a program too, and it’s subject to the same rules as other programs. There’s a hierarchy in loading, and how they load.

I tried these steps and couldn’t figure it out. I worked with a guy on remotetaskforce.com who removed it for me. The guy who helped said there are different versions of Security Tool and he said the version I had was in a different location than it usually is but I had a couple other viruses too that were giving me problems.

I just went through another form of extortion in trying to remove this. I called Dell and found out that I had HARDware warranty not software help. They put me through to their tech person who told me that I had three choices: $239 for 1 year/4 incidents help, $129 for 3 days help or reinstall of system. I had told him that I had directions for how to remove it online and he said I might just get another virus and make things worse. So after paying the $239, they just did what you folks recommended here and I had found similar at bleepingcomputer! I’m mad at myself but not happy with Dell either. I really feel they took advantage of me.

This worked for me, but then again each variation can be different and you might have to do a little more. These “viruses” are getting trickier every time. Sure sucks if you don’t have any PC experience, I feel for these people and try to help whenever possible. I think these companies need to be stopped, somehow…(?)

I downloaded Spyware Doctor to remove Security Tool from my laptop, which appears to have been successful, except that I still have a security tool icon in my toolbar. It won’t delete, rightclicking it does nothing and it doesn’t show up anywhere else I can find. Does anyone know how to get it off? All my scans come up clean and my laptop doesn’t seem to be having any problems… but I’m definitely NOT a pc girl so I’m not sure. Is my laptop still being harmed by this thing if that icon is still there? Do I need to take further steps? Would any of the above entries help me? Ah! I’m so fed up with this thing! Please help, someone!

Finally got rid of it by repeated scans with Spyware Dr. It took me several hours of tedious anxiety, but it’s gone. People who download these programs to remove it: just be patient (I sat through eight scans some of which lasted over an hour) and keep trying, use more than one if you have to, it’s worth it. A word for those who gave away credit card or check card info… go to the credit card company or your bank immediately and file a fraud and/or loss claim! Most likely they will stop payment or reimburse you, as this is pretty easy to prove as being an illegal scam.

rebooting into safe mode with networking will stop this crap app from loading…. i am doing this on my kids laptop right now and seeing it cant load in safe mode i am able to run spybot search & destroy (safe w/ networking you can download/update spybot if needed) and first thing it found was the fake in question amongst other thing that find their way onto a teens computer…. now that it is done and booted up in noral mode and avast installed… i doubt i will see this again… that will teach them to listen to their father =P

Restart your computer in Safemode with Networking so that you can go online, watch the Security Tool Removal video on You Tube and follow the instructions – I got rid of it in 5 minutes, even managing to restart in Safemode with a wireless keyboard.

I tried Safe mode and then System Restore – it restores your computer to a day in the past where it didn’t have the program, but keeps files and stuff intact. It worked! :D
What a nightmare of a virus! :(

Recently, a client of mine had Security Tool on their Alienware Windows 7 computer. McAfee literally found nothing. Afterwards, I started How-To Geek’s recommended SUPERAntiSpyware which I have used many times and I would also highly recommend. It found 350 infections in almost no time.

I am not and no way an expert very much a novice, but I have been putting AVG on all my friends laptops/PC for them and just last week I done this for a friend. Today he called me and showed me that this same thing had happened to his laptop and I saw the same anyway I took it to a company that I used and he recognised it straight away, I only recognised it by the fact I went through the same thing when scareware attacked my PC the same way middle last year and he went through the same thing pressed the wrong button in a panic and embedded it in.

When you say portable tool you do mean to be held on say your USB Memory Stick, as these viruses are becoming more regular dont you think that a more simplified understanding can be given as to what to look for for beginners that they may be able to see through the viruses when they come.
Would not that be better and time saving for all world wide I suppose.

I will be adding your tool but it will have to be tomorrow but so pleased to be able to find your cure and help.
Your Blessed
JTValerie

Hi , i had this virus on my computer last night , i tried getting rid of it by going into safe mode but the virus took that 2 i spent hours trying to get rid of it last night. I tried sytem restore but that never worked so i restarted my computer in normall mode and got my anti-virus open quick before it took over the program. i done a full system scan it took some time but i got there in the end , it found the viruses and deleted them from my system. i just hope it doesnt happen again.

I saved this onto my memory stick, started the computer up on safe mode with network and opened it, and after scanning for just under an hour, it did the trick. Thank you so much for posting this – you’re a life saver!

Just change the file name and the document name then restart your computer after that use the Systems Tools- Systems Restore in your accesories and restore your settings to before you got the trojan and your pc is as good as it was. you dont have to download any software to remove it

Many thanks to all the above posters for the various suggestions. I went the following relatively simple route. Basically it took an hour of carefully reading the suggestions on many web pages, 10 minutes to do the job, and a couple of hours of scanning afterwards.

I just got rid of SecurityTool from a dell inspiron running vista as follows

1) Reboot into ‘safe mode with networking’ (hold down F8 while booting). This stopped SecurityTool from starting so now I can see what is going on. SecurityTool had a shortcut on the desktop. Right clicked on the desktop shortcut and looked at ‘properties’ which told me the ‘target’ (ie where to find the exe). It was a file called 80081926.exe, in a folder called 80081926 somewhere below a directory called c:\ProgramData. I gather from the web pages that this number is different on different copies of the virus. Now c:\ProgramData is normally a hidden (system) directory, but ‘search’ in windows explorer seemed to find the bad directory ok.

2) Deleted the offending 80081926.exe in the normal way for deleting a file. (It went to the recycle bin)

3) Reboot normally. SecurityTool did not start up, so I have control of the computer back. Looks like the delete was successful.

4) As recommended, downloaded and ran SUPERAntiSpyware (got rid of about 280 items, mostly adware) and Malwarebytes (found 17 more, mostly adware). Each full scan took about an hour on a machine that has about 70Gb of files. I found the tools by googling their name and downloading each of them from download.cnet.com.

antispyware is the best of the best ,i took a chance and downloaded this porgram for my infected pc with sistem tools ,, gone in to safe mode with internet and fix all my problems thanks for the perfect program … very graetfull bye

1. Start the system
2. Press f8 while booting
3. Use arraow keys to select Safemode with network
4. Now you can download the Malwarebytes
5. Install it and scan the full system
6. After scan remove the treats
7. Now restart the system
8. Now you are ready to go

Hi … I just look for shortcut of security tool in start menu and find location of application ,,,,, then I rename the folder .. and restart computer …. security tool not working and every thing work normally then I delete it

I was having problem,s with this security tool and could not get rid off it but finally after some messing around I pressed F8 ON REBOOT and selected safe mode with networking and then deleted it and it worked computer is now free of this. The only thing I can’ get rid of is the file location on my task bar but it flashes up as not working.

Hi How-To Geek and thanks for your useful information about “Security Tool” and other subjects. I recently had to remove Security Tool from a friend’s computer running Vista and thought I would share how I went about it as this might assist others. (I note with thanks earlier comments that contain similar but not as comprehensive instructions.)

The infection had all the symptoms you have mentioned – including blocking Task Manager, the Command Prompt window, Windows Defender and other software that might be used against it from running properly, if at all. It also covered up most of the desktop so that you couldn’t see what you were doing anyway.

I first tried following instructions from several websites and using a number of automated malware removal programs to remove it, including Malwarebytes Anti Malware and rkill.com. As excellent as this advice and software may be, unfortunately it did not work in my case and Security Tool was still there. Part of the problem may be the way Security Tool identifies its executable files and processes with a numeric string, for example, “4946550101” is mentioned on some websites. But Security Tool can morph itself, changing the identifying string to thwart countermeasures. However, ironically this string is also its weakness.

Here’s what I did next. I noticed that after rebooting the PC, Security Tool would automatically start up again, so I rebooted into Safe Mode with Networking (just Safe Mode would also be fine) and ran msconfig, where it is possible to inspect the Startup processes. The one we wanted stood out because it was identified by a numeric string instead of a legitimate name. Once we had this string it was a simple matter to search for and delete its entries in the registry (using regedit) and then to search for the similarly named files and delete them. Reboot – problem solved. (Cautious people might like to back up the registry first before editing it but as it is infected with a virus, at this stage there does not seem to be much point.)

I tried Brian’s approach and it worked like a dream. Once I identified the offending file, I just dragged it to the Recycle bin. When I rebooted normally, Security Tool was gone! I then just dragged the desktop shortcut to the Recycle bin and I see no more vestige of Security Tool. Nothing in the task bar either, as John Prescott found..

Thank you thank you thank you!
I’m not particularly computer savvy, but when this nasty bug arrived on my computer I was devastated. Couldn’t do anything without a pop up popping up every other second, couldn’t start word, task manager or anything. Thank God I found this site and SUPERantispyware worked a treat to rid my computer of that nasty, evil security tool. I’m not really one to post messages, but when I saw it had gone I could have cried with happiness. Thank you for your altruism in making it free. xx

Heres a nice easy way to get rid of this without downloading anything.
1. Start your PC in safe mode (press F8 when your PC is starting up)
2.when in safe mode , check your desktop, Security Tool places a shortcut icon on it.
3. Right click on the icon, choose properties.(deleted your shortcut item – go to step 7)
4.Click on the “find target” button – this will take you to the folder where ST is hiding.
5.The folder name is a number, 67XXX something can’t remember, delete this folder.
6.In Vista the path was c:\program data\67xxx\67xxxx.exe (note program data is a hidden file, you have to set up explorer to view hidden files)
7.Last thing to do is remove it from startup, press your start button and then “run”
8.type MSconfig, cick the startup tab.
9. uncheck the box, if your unsure what its called, look under the “command” this shows you where the startup item is located, which is also helpful if you’ve deleted the shortcut Item. take a note of the path which should be similiar to step 6.
10.once you’ve unchecked the box, restart your PC and all should be good.

I have found the security tool files and tried to delete them, but it’s “not allowed”. I have downloaded Malwarebytes, and Microsoft’s Malicious Software Remover. The problem is, after I download the install.exe files for the software, it won’t open. I’ve tried everything I know to do. I can’t open .exe files, and I can’t open add/remove programs from the control panel. I also can’t open system restore…help me pllzzzz

thanks alot!. i tried using the taskkill but my pc kept on saying it couldnt find the ‘taskkill’ folder. anyway, i went to C:/Documents and Settings/All Users/Application Data then i open the folder with numbers then i renamed the security tool file there by adding more numbers to it. then i LOGGED OFF. that killed the process. i then installed your Superantispyware and scanned.

I just finished dealing with Security Tool today. It manifested itself a bit differently from what was mentioned above. This means the creators approach and methods are evolving. If I had fallen prey to their scam and bought it, I would cancel my credit card and have the CC company reissue me a new card – why take any chances?

After booting in Safe Mode, loading MSConfig and electing to boot without loading any startups, etc., Security Tool continued to load. It was tougher and more nasty than ever. It had loaded a file into C:/Windows/Temp as “_x08.exe”. A startup entry in MSConfig Startup pointing to that file existed, but unchecking the entry and rebooting had no effect. Security Tool would replace and reactivate that entry thus making it very hard to disable it. I was not able to clear it until I found references to it in the following places and deleted them:

Note: You will not be able to see some of the following folders/files unless you go to Tools > Folder Options > View, and then select the option to “Show Hidden Files & Folders”.

Then I found entries for Security Tool in
C:\Documents and Settings\”username”\Local Settings\Application Data\
Here there were two data files that had the same icon as “Security Tool”
They were listed as “36441” and “51939341” (names may vary)
There was also a shortcut named “Security Tool” pointing to the above files located in
C:\Documents and Settings\”username”\Local Settings\Start Menu\Programs

After removing those AND perminantly deleting them from the Recycle Bin, I was able to boot normally and run appropriate scans and such. Security Tool was gone.

While working on this for over two hours, I cannot begin to tell you all of the very evil thoughts I had about what I would like to do to the scammers that create and force such a product on all of us.

Security Tool took control of my pc tonight and I was able to get rid of it by restarting in safe mode with networking and then using the SystemRestoreWizard. When I restarted, Security Tool was no longer apparent. I think it’s gone.

I had this hoax on my computer and I tried almost every program to remove it, but none of them worked. I finally got rid of the virus by using system recovery. I just reset my computer to about three days before it showed up and now my computer is as good as new.

how does this system restore thing work? i can get this crap off my computer. i deleted it with spybot and i cant find the security tool file anywhere but the stupid pop ups wont stop when i go back to normal mode. i really need help bad.

After days of using all these tips over and over, every time I restarted, it was back. I tried System Restore, but I could only go back 2 days and the bug was downloaded 3 days ago.

So, I decided to right click on Security Tool under All Programs in the Start menu, clicked properties, and clicked the Find Target tab. This opened up windows and highlighted the Security Tool icon. I right clicked on it and then clicked delete which sent it to the recycle bin. Then I emptied the recycle bin, restarted the computer and it is GONE!

Thanks for all the tips! The Superantispyware found some other stuff, so I’m thankful for all the FREE advice!

Guys, I tried doing what was written on this website, and it didn’t work for me. When I tried to type in that phrase inside Run, it wasn’t working, even though I substituted my username in the phrase. I tried a couple times, and it still didn’t work. So I freaked out a bit, and then I tried opening up Task Manager. It wouldn’t open! It kept on opening and then closing.

So then I pressed Ctrl, Alt, Delete, and then held it like that for a couple of seconds. Only then, after I let go, did the Task Manager stay open. After that, I went to Processes and tried to find Security Tool. Of course, it’s not labeled. Instead, it was a number in the list. It was something like 804133 or something. So, I selected that and clicked End Process. After that, Security Tool stopped bothering me. :) Hope it works for you guys too!

Okay, so I’m back, and realized the whole Ending Process thing in the Task Manager didn’t really delete the whole Security Tool program out of my computer. So I followed the buddy’s advice on top of my comments, Darin’s, and did his whole locating target and deleting that thing. It seems to have worked iA! Thanks Darin! :)

Okay, today I finally manhandled this stupid virus. The way I did it involves incredibly good reaction time + this guide. Myself, and (I think others here) have realized that this virus has adapted since the guide was written so that the software used (Malewarebytes, SUPERantispyware) couldn’t be opened. I did this by using task manager’s ‘end task’ function very fast. What you do is:

HAVE ABSOLUTELY NOTHING RUNNING ON YOUR COMPUTER (Besides F’ing security tool of course). Reason being, Security Tool MUST be the top item on the list in task manager.

Press the CTRL ALT DELETE buttons like usual, taking you to the window with 6 buttons (one of them being task manager), then click task manager. Task manager will either open for a fraction of a second, or not at all. What you do is get task manager to open for long enough for you to see where the window appears in relevance to your computer screen, and hover the mouse over where the ‘end task button’ was. It doesn’t have to be exact, just the general location. Then press the ctrl alt delete commands again, and instead of clicking the task manager button, use the arrow keys or the tab key to highlight the task manager button, and then press enter. What you do is continue this (should only take 3 or 4 times) until you have your mouse exactly over the area where the end task button is.

Then, with one hand on the mouse, and one finger on the enter key, hit enter and immediately click. It may take a few tries, but I managed it so it really shouldn’t be too hard, and you can “end task” the shit out of security tool until it closes (which it did for me, but chances are if you read this comment a year from now the creators may have made the stupid rogue program even sneakier).

After that I was finally able to open and run SUPERantispyware and MalwareBytes. I ran the former once and after the reboot it came back. Then I ran them both at the same time and chose the “reboot later” option for both programs, and removed the files twice (I guess?) by selecting the removal option on either programs. When I used them both then rebooted, it appeared to be gone.

I got infected too. It took me about half an hour to figure out and killed it. My OS is Window 7 Pro. Here are the simplest procedures:

(1) Restart your system to Safe Mode by pressing F8
(1) Find the security tool icon in all programs, right click the icon and you’ll see “open file location.”
(2) Click the “open file location’, you will see a file name of 9 digits that was randmly generated.
(3) Delete the file and then delete the icon of Security Tool.
(4) Restart the system to the normal mode and the virus will be destroyed for good.
(5) You cannot do the above procedures in the regular mode. These criminals knew how to protect their Trojan Horse.

I run Windows XP, and I am *unable* to get into safe mode. Maybe the virus is blocking me, but F8 is just bringing me to a boot disk menu, and once I choose my disk, the computer boots normally instead of in safe mode. I’ve tried every combination of timing and F keys.

I was able to get Task Manager to stay open on my 5th or 6th try, by opening it as soon as Windows booted up. Right now, I’m scanning the computer with AVG. The virus blocks me from visiting anti-virus sites. I’ve downloaded SUPERantivirus portable and Malware Bytes from my other (uninfected) computer to a USB drive, and I will run those next.

Sigh … a full wasted day of scanning. I hope that those people who paid by credit card provide a way to track down the assholes who wrote this virus.

UPDATE: Following these steps has gone a loooong way towards helping me clean my computer. Thanks! SUPERantispyware found a ton of trojans, and Malwarebytes found a ton more. With Task Manager open, I ended _ex-08.exe, which is part of the infection.

I don’t think everything bad is off my computer, as I am still getting weird error messages (a missing dll, a black screen saying wrong disk on startup), but at least my computer is working somewhat normally. I’m now running a Full Scan with Malwarebytes (as opposed to a quick scan). It already found two additional infected files. After this, I will run my normal program, AVG, and I’ll also scan the thumb drive I used. I’m still looking online to see if there are any files I should manually check for, such as malware in my registry or temp folder.

Thanks for this web site! Quite easy to get rid of Security Tool:
1. Start PC in safe mode (F8 during start-up)
2. Click START, then PROGRAMS and identify the Security Tool icon
3. Right click and find path under Properties (on my PC the file 999696498.exe was hidden under Program Data and Documents and Settings on the C drive)
4. Click on the Find Target buttom and delete the folders that holds the Security Tool exe file.
5. Then delete the short cut, and finally delete the content of the Recycle bin

1. go to start.all programs.right click on this security tool shit,properties and.go to the short cut tab.find target as..
u will see a place in which this file is stored..it will generally be in c/documents and sett/admin/local settings/application data.
2. now u cannot delete the file now cause it is already is use..and this shit wont allow u to stop the use.
3.now reboot and as soon as ur comp starts..press ctrl + alt + del and go to task bar…go to processes in that and u would find that number again..end that task..”end now”.
4.now relax..go to wherever the file is located and delete it…
done.

If your system has been meshed up or you can’t do any of the above,
just put a Linux live CD (Ubuntu is easier)
and mount your C: drive.
By booting from Linux you will gain a full control in your files during the whole process of removing the virus without anything to block you.

Then make a search in the whole C: drive looking for the suspicious file.
Just make a search like

*0.exe
*1.exe
…
*9.exe
until you fine this file consisting of digits.

Write down the exact name.
Delete that file.
Make a search of this exact name and delete any other entries.

Then your system is back. You can safely log in to your windows
and be able to run the recommended tools to remove the malware remnants.

I think tried it all, started scanning with Superantivirus but to no avail, it just kept coming back. Over the next few hours I scanned repeatedly with Superantivirus, Malwarebytes McAfee etc etc – nothing helped, soon as I re-booted it came back. Next I tried the taskkill trick – that didn’t work either.

Almost ready to give up when I read your VERY simple solution which worked perfectly!!!

just out of instinct. I have yet to see whether the thing worked, [I rarely restart my computer, so I guess it didn’t have the ability to get fully entrenched- I started the task manager just fine. Although I think it was open anyway…] Will get back to you if it does.

Had Security Tool on a colleagues computer. I tried the tools mentioned above to no avail but then I remembered something that worked on a similar malware infection. I ran a system resore to a week before the infection and, hey presto, Security Tool was gone. Checked the system registry…nothing. Checked msconfig….nothing. Fingers crossed I got it all. =)

wow thanx alot Roger u saved me XD
but to all of the other comments, what happens if i didnt have those numbered folders? the only thing i could find was the numbered exe file and the start menu shortcut?

Oh my, it took me a few days but i got the bugger thanks to all this good advice but I doubt I can remember all I did except for finding it and having to rename it and using task manager and delete! I ran superspyware, do I really need to do malabytes too?
I didnt see if this virus actually STEALS anything tho? DOes it?? Like passwords, etc?
How did we get it??

My usual trick for closing virus’ like this is to log off (im using windows 7) and wait for the forced restart button to come up. (when it’s closing down programes) and then click cancel. It seems to kill the program and stop it from restarting. Then malware bytes all the way.

Running Windows 7, tried at first booting into safe mode and running Super Anti Spyware as suggested… got rid of over 600 adware (-_-) and a few things that were named something like “fake trojan” but when I booted back into normal Security Tool still started up… so I tried a suggestion from the comments which worked for me!

Booted back into safe mode, searched all programs and files for “Security Tool”, found the shortcut. Right clicked, chose “open containing folder” or “open file location” something like that. The program was named something like “14808.exe”, deleted it. Booted back into normal mode, Security Tool is gone. =) Running Malware Bytes now to make sure all its constituents are gone…

My laptop (which was given to me by my university) came with a program installed called “Symantec Endpoint” – not sure if it’s a normal Windows thing or if my university installed it? Anyway, it’s still coming up with notifications periodically. It just came up with 118 of them at one time, all say something like this:

It’s a little concerning but at least it says “cleaned by deletion” — before similar notifications were coming up but saying “access denied” or something similar, which I’m assuming was the work of Security Tool blocking real anti-virus programs.

Anyway I hate these viruses and am glad to have found a good way to get rid of them without having to get my hard drive reimaged! (Which is the only service the university tech center offers if you come to them with a virus.)

I just wanted to add that I found this virus file in the c:\users\AppData directory. It did not have a subfolder or a desktop icon or even an shortcut in the start menu. This file did not show up in the msconfig startup items either. The SUPERAntispyware did not find it either. I manually searched for it using *0.exe, *1.exe, etc. I was able to delete the file in safe mode. My file was called 1392051.exe (but I think that is different for everyone) and had a recognizable icon (although that will probably change in future versions to hide better).

Windows 7 OS
I have no idea which version of the virus I had but it seems to be hiding itself better and better.
Infected Date: 9-30-10

My computer received the virus after my younger sister innocently went on a website to help her research with her homework (Facts about planets, and it was within the first 10 results!!!), unfortunately I suspect this site had the virus hiding in the shadows. I noticed that when I turned on the computer a ‘Security Tool’ program popped up, immediately I thought there was something fishy about it since we already had AVG (the free version) so I asked everyone if anyone downloaded a program (to which I found my little sister and the website thing), and to comfirm my suspicions about it being a virus, everytime I tried to open the AVG User Interface the program popped up saying it was infected by some Worm/Trojan/Virus/etc and blocked it, doing the same to Spybot – Search & Destroy… Thing was, everytime I clicked on it, there was a different virus or problem with it, showing inconsistency which confirmed that it was just scareware.

After attempting to manually delete the file (I found the root folder where the program was hiding by right clicking the shortcut and clicking ‘find target’). This opened the folder where the virus was running from, two folders with numbers for names were there with the same icon, and a modification date of today. I couldn’t delete one of them, which was the one where the virus was running from (Windows said that I couldn’t delete the file because the ‘disk is write protected or the program is currently running’, a respectable windows feature preventing you from deleting running programs, but I wanted to delete it.). I searched around the computer hoping that task manager would help, unfortunately it blocked that too. I couldn’t restart in Safe Mode since holding or tapping F8 caused a hardware error.

Then I thought I had a stroke of genius, partially thanks to recently watching ‘Troy’ and having the ‘back door trojan’ idea in my head. I switched off the internet box, hoping that this may cut off the ‘oxygen supply (so to speak)’ to the program. And eventually the program decided to Blue Screen the computer… I noticed it didn’t look like the usual blue screen that I usually know (not saying my computer blue screens a lot!) and to test this I pressed Crtl-Alt-Del… and task manager flashed for a split second… I realised that the virus ITSELF stuck a phoney blue screen up and otherwise the computer was running normally (to whatever extent normal was), or course before I realised this I pressed the power button and the computer was logging off and shutting down. Upon restart it did the same as it had done before, the program loaded and began a scan, which I cancelled.

I contacted a friend about the virus who happened to have the same incident a while ago, and he found a way to get rid of it (through the wonders of internet research and youtube)….

Find the root folder where the virus is, rename the ‘[random numbers].exe’ to something different, restart the computer and now that you have renamed the file, the virus startup program can’t find the main program so it won’t load, now you can delete the shortcut, the renamed folder any the virus is gone! As far as I know anyway…

The best part of this is that NO PROGRAMS HAVE TO BE DOWNLOADED, and you don’t even need the internet to fix it! I suggest that as soon as you notice you have this virus, turn off the internet box while having this page loaded (preferably on a different computer) and follow the things I did, you should be able to get rid of the virus without the hassle of downloading free software (although I understand the long-term benefits to these programs I prefer not to stuff my computer with truckloads of antivirus programs).

I’m currently running a full computer scan with AVG and then going restart the computer to confirm the virus’ ‘EXTERMINATION’ (Yes, I’m a Dr Who fan :P ). (BTW I’m typing this from a separate computer in order to not disturb the scanning process)

I found this virus to be quite well designed and the programmer who made this is quite skilled at programming, although I’d rather this guy (or gal) use their skills more profitably. (I’m asking myself now why the hell I’m praising the programmer for a well made virus, something not right here? XD )

WTF!!! i cant get eany of the steps 2 work iv tryed everythin what do i do!!!!!!!!!!!!!!! HELP PLSSSSSSSSSSSSSS!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Malwarebytes is the best, I’ve tried some of the ways to remove this virus and still not success until I use malwarebytes in Save mode and do some scanning and remove the virus, then My Computer is Back to Normal :)

I have this thing on my computer. It wont let me open ANY KIND OF PROGRAM that may be able to help get rid of it. I have Windows Vista and there IS NO run button on the start menu. I have no idea what to do and I have no money to pay anyone or anything to fix my computer. HELP PLEASE!!!

If you’ve just opened your PC, race against the Security Tool by Ctrl+Alt+Del during the computer is loading programs…. Try it, works for me but I know its still not removed and my programs were working well when I do it… :D

For my desktop i had to shut down and start up, then QUICKLY press win+R (then taskkill /f /fi “username eq administrator”), before security tools had enough time to load up (it wasn’t even letting me play spider solitaire or open itunes if i let it load). from there i could open the task manager etc. For me, I had to win+r pretty much right after I entered my account password.
But thank you so much for this guide, I would have hated to bring my computer back to get cleaned and waste another 90 bucks.

the authors of this attack seem to modify its behavior pretty often. for example, i just spent my sunday afternoon cleaning up a windows 7 system in which (1) the desktop link was not installed (making it harder to find the .exe manually) and (2) the .exe location had shifted to \Users\\AppData\Local\.exe (which is a bit different from what’s reported above, just a few weeks ago). the attack managed to get past mcafee antispyware/viruscan enterprise (!).

given that one doesn’t really know how deep the trojan has managed to inject itself, it’s not clear how much one can really trust any fix that involves booting the infected OS. so i yanked the hard drive from the infected system, put it in an external enclosure, and attached it to a clean system (making sure that AutoPlay was turned off!). then i ran SuperAntispyware Portable on it. i did have to do this twice because i forgot to “Update” the signatures first, and the signature file built into the downloaded executable wasn’t able to find the most recent version of SecurityTool (!). but after updating, it found and quarantined the SecurityTool .exe file.

I have had Security Tool last Sunday and I removed it within 30 minutes, only because my girlfriend’s account I was working on was user-priviliged and had no admin rights. What happened was that I got an update message for Sun Java 6 (yes, I know that that no longer exits as Sun is taken over by Oracle, but we had a death in the family and I was not really discriminative in what I saw and klicked…) So I klicked it and something installed yielding a barrage of virus, trojans and worms messages. Furthermore, I could not start anything anymore.
I knew I was user privileged so the same messages as seen here above did not make any sense. Systemfiles could not have been altered. So I created a test account and on that account all worked well, no problems whatsoever. I figured that something must have been installed in my own account… and yes… I found an exe in Apps…. killed and removed that while being in the testaccount and removed also a folder, named Sun, that was created at the same time as I erroneously accepted that install.

Since then no more Security Tool messages and all works well.

Morale of this: do not use an admin account while being on the net!!

User privileges will force the infection to install in the user account and nothing more. It saved me a lot of hassle.

Hi,
I managed to remove it launching the task manager very quickly when windows was still starting, and then cancelling a process called 05864404.exe.
Once this process was cancelled I could run malwarebytes and it seems the problem is solved.

this worked for me and was really easy
1) Turn off computer
2) Turn on computer and press F8
3) Select safe mode option
4) Once done loading it will look like really old windows setting
5) Go to Start and in Search bar type in “System Restore”
6) It should take you back to when your computer was fine. Press Restore
7) It restarts computer into normal mode.

hay i tried the task kill thing but i cant get the username because i probably have a different type of windows so im a little stuck because it keeps coming uo with a black box then leaving so maybe it is working but security wont let it happen! heeeeeeelp iv’e tried everything but it wont work so maybe you could show how exactly to type it in the box?

Hi person who wrote this :)
Thank you, sooooooooooo much. This “Security Tool” was drivin me nuts!
I was afraid that it was a virus, so i googled it and found this page ;)
It was in my own language and all, so i thought it was OK. (the virus)
So thank you so much. :) I tried the “Run : taskkill…” option twice, and then i was gone.. I think..
At least it stopped buggin me :)
Again: THANK YOU!

If you get the security Tool bug, do this…. it’s quick & really simple & removes it 100% & hassle free…. boot you’re comp in safe mode (F8 on start up then on the black screen choose to start in safe mode)…. go to the System Restore menu… this may take a few minutes while you’re comp figures everything out so don’t worry,the suggested time to roll back to should be fine, just think of how far before contracting the virus it is,then just click to get it rolling into action.It will remove it completely without compromising any of you’re system files. Then ya good to go again :)

OK, I got Security tool nad, thanks to this site and MalwareBytes, was able to remove it. Now I found another site and the author there says that once the computer has had security tool, the HOSTS file should be deleted and replaced by a deault one. Now, I have zero computer knowledge and experience and, therefore, am not sure what to do…
Any help will be greatly appreciated!

ummm yea, I kinda need these instructions for windows 7. SHUT UP SECURITY TOOL CANT YOU SEE IM TYPING! Its blocking my google chrome, my firefox, my notepad, and its blocking malware bytes, I need some help. I have ZERO knowlage of computers and didnt understand a thing anyone is saying here. So umm yea Any help would be greatly apreciated.

EASY FIX! (at least i think it is still fixed)
i could not access restore points from normal start up. So…. here is what i did
1. shut down, start up while hitting F8
when prompted, select and have computer start up in ‘safe mode’
computer then puts up tips for operating in safe mode, including how to find and use restore points.

I just followed those directions. Very easy. The virus did not disable restore points in safe mode like it did normal mode.

Let’s all wish for an early painful long drawn-out death for the creators of this and all virus’s

Everything was locked down on my friend’s computer…. none of the stuff mentioned here worked. Finally just searched all the common locations for anything out of the ordinary and BAM! C:\Users\[username]\AppData\Local\44596.exe Wiped everything in the security tab and denied all to the Everyone group then logged off and back on. Neutered… Recommendations: If you can’t access something in the security tab or the tab itself or the file properties, try closing everything and trying again. If that still doesn’t work, try restarting your computer and try it again. Hope this helps someone.

O/S: Windows Vista Home Premium 32bit
Virus removal tools used: None

Virus – 0
Me – Undefeated

-No trees were harmed in the transmission of this message. However, a few billion electrons were temporarily inconvenienced.

In Windows XP in normal mode I right clicked on ‘Start’ and selected ‘Open’. Opened the ‘Programs’ folder and there was the shortcut for Security Tool. Highlighting this showed where the program was hidden. I moved the shortcut on to the desktop, rebooted and run PC Tools Spyware Doctor as soon as possible. It located and wiped the shortcut. I deleted the rogue file. I’ve rebooted a couple of times since and so far no sign of those lousy pop ups.

There is a MUCH easier way to get rid of this rogue! Follow these steps.
First, restart your computer. As soon as the Windows desktop loads, and I mean the INSTANT it pops up (after you enter your password if applicable) hit ctrl+alt+delete and open your task manager. If you did it right, you should have beaten the auto-run programs. Within seconds Security Tools will pop up with it’s usual scare tactics (you don’t really have any virus… well you might, but not the ones Security tools is telling you about). Anyway, you should now be able to end the process. This is the first step to deleting any program, you have to close it first. Security tools is pretty good at not letting you close it, but this is a backdoor that it doesn’t seem to account for. Now, in your start menu, there should be an icon for security tools. DON”T OPEN IT. Rather, right click, hit properties and then “find target” this will take you to the folder where the .exe exists. Delete it and empty your recycle bin. Done.

If you wait too long to ctrl+alt+delete after start-up, security tools will open and you won’t be able to get the task manager open. Just restart and try again. Remember, end the process and delete the program, it’s that easy!

Just a quick note on task manager. Once it’s open go to the “Applications” tab. Right click on “Security Tools” and pick “Go To Process” this will take you to the process tab with the Security Tools process highlighted. just click the end process button at the bottom. Done. (except for the deleting the program part, for that read the above post.)

hi all
never pay any money to these fucking asshole,
you can solve it by yourself ,trust me
you need to try some way that they mention here in this site ,it works but it takes some hours.
I solved it by using Malwarebytes not in safe mode you must restart yr pc and run Malwarebytes very fast
before that fucking security tool goes up
hope u all be successful

Noah P…you’re the best! This worked for me on the first try (after I wasted a bunch of time trying the other suggestions). No safe mode necessary, just a quick click finger. The process was named with a string of numbers like 242345665.

Hi guys,
This is a great article, but alas none of the steps seem to work on my friend’s daughter’s laptop, as the Security Tool program seems to run even in safe mode, and when we try to run any program, or even the command prompt, the malware shuts it down straight away.

Any advice how to neutralise the malware so I can at least get into command prompt or an anti-malware program?

I just had same problem it took over my entire computer would not allow me access to certain things and blocked me out. I finally got it removed with simple task. If you pull up start menu, find security tool and right click on to that or find path to where it is. Right click on its security you will see it has access to all, edit and deny then click yes. I then ran adaware and quarantine the rest of the cookies from it. I just finished this task within hour ago and i have not notice it popping up and i have access to my drivers and all other programs again. Hope this will help and seems to be very simple.

Spent 5 hrs trying to remove this puppy. Eventually had to do 4 things
1. Go into safe mode windows xp with networking and run the super anti spyware free version detect and removed “rogue security tool”.
2. Re booted into normal mode and pop ups were still there!
3. Re ran the super anti spyware in normal mode. This time however it didnt block it ,so it ran successfully and I detected and removed the rogue security tool again.
4. Re booted again in normal mode and eurika ! I cannot begin to express the relief

Wanted to inform you that another way to rid this irritating virus is to reboot pc into safe mode as stated and just run a system restore to before the virus. Works perfect and no signs of virus at all

I too had to remove Security Tool,thats the last time i try to view pic from someone i dont know.They were sexy pics,thats what roped me in.Tried everything listed above and im lucky we have four accounts on our PC.It didnt effect all accounts thankfully.Mine woudnt let me open anything so i downloaded MBAM its a trial version,useless.Superantispy also usless.im running win7 so Mic.Sec.Ess.worked right away.Thank you how to geek forum I can now ignore sexy pics again.Oh yeah my safe mode was unusable.so try it ,down load MSE on another account it takes a bit to scan but its worth it…..:)

i found that using system restore,repeated clicking inbetween closing security tool popup and after several times system restore catches.Then after restored delete all restore point except most resent.Then i used malwarebyts and ccleaner problem solved.

Thanks, Geek! Follow the Geeks advice step by step! I started with “Removing Rogue Fake Antivirus Infections (General Guide)” just as he says. Wouldn’t let me go to safe mode, but the geek told me how. With patience, this works!! Found out I had all sorts of infected stuff…… My scan lasted over an hour using both pieces of software in safe mode followed by a scan with my normal antivirus…

these scoundrels deserve to die or better suffer serious ailment, with their flesh rotting worse each day.
people, if you are prompted to pay online for uninspected stuff, no matter how compelling it may seem, think twice or more, most likely it’s a hoax.

Security tool took hold of my w7 yestarday. Started in safe mode and right clicked on security tools. Under properties clicked on (go to file location) Deleted file and then deleted shortcut. Deleted filed in recycle bin and restarted computer. No problems now.

that virus i found would not let my dodo connect to the internet so started computer in safe mode and was able to delete it i was then able to connect to the internet and download the superantispywear and run it also i even tryed using brute removal but it told me that that was a virus after deleating the spywear the computer worked ok so i could get on the net to fix it

Haha my half brothers girlfriend came to me with this virus. I think the thing that really gave it away was the fact it asked for your credit card details. But I loved the fact it poped up saying there were people trying to connect to my computer… when we weren’t even on the internet

i had microsoft security essentials and i still got the virus. i couldnt get rid off it until i disconnected my self from the internet and was able to delete and remove all the files it had regarding the virus. after i got connected back to the internet and scanned my computer with micrsoft security essentials and it worked. thank you for all the information you’ve given me. now i know where to come if any other problem occurs. thanks!!!

hi, i have got this application called ‘security tools’ which keeps appearing. i have tried to follow the steps above but my computer just keeps shutting down. i have tried it in safe mode with networking but even then it still doesnt work. as well as this, it will not let me download any software to get rid of it.will you be able to help me with this problem? thank you.

Easy way to get rid of this security tool
1. Re start computer
2. As windows opens. Hit ctrl alt delete to open task manager. This needs to be done quickly and soon as windows starts
3. task manager will open before security tool
4. Find the program security tool or it’s exe file. Mine was a 5 digit number
5. Stop the process
6. This disables program but DOES not remove it
7. Download malwares tool and scan computer
8. Remove file once found. Re start computer
9. Do full system scan with your virus scanner
10. Do same with windows malicious file removal tool to get the broken infected files
Note.. My security tool buried itself inside my auto cad program and opened when I imported some files. I’m running 3 virus protectors and it passed all 3 because the virus is written as a self installing program that by passes security. It’s not dangerous just a pain in the bum as it hold computer hostage. It can’t send out information and all “warnings are fake”. The government needs to shut them down and jail the owners as legally they are trying to extort money to free your computer. Report all incidents to authorities and police fraud. If you have virus scan and windows tools. It’s very hard for anyone to get your information. Be careful of free wi fi spots. Like maccas or any that don’t have passwords. Email me peter.olijnyk@iinet.net.au for personal help if you are still stuck.
Do not give security tool any money.
Thanks. Hope this helps

I fought this Virus for 13 hours, and Yes I know nothing about computers, Obviously!!! I followed what Terry did (Post on Nov. 14,2010 11:04am), but as super anti spyware free version scanned, it would not completely finish before being shut down, but within the first 5 mins of the scan the Trojan and rogue security tool were noticed, so after 5 attempts, I just stopped the scan and removed the security tools from my PC and then rebooted. Then I ran a full scan and clean as a whistle.

I have to agree with some of the post, if you are a “noob” at understanding how computers and this crap works, then don’t get in a hurry, read everyone’s post, be patient, but you will win in the end. And the Annoyance of this virus will be dealt with.

One thing I notice people never say where they got it from, I got mine from my kids playing games on one of those free game sites. Sponge Bob did it!!!! lol It happens and lessons learned. Thanks for the post and the help from howtogeek.

Thank you, thank you, thank you!!! This popped up on my husbands computer last night. I downloaded the super anti spyware first, took about 40 mins to run the scan, then restarted the computer. Couldnt get safemode to come up so I shut down the computer, restarted it and got into safe more and downloaded and ran MalwareBytes. This also took about 40 mins. Restarted the computer and it was gone. I have mcafee and tried that first but the computer shut down by itself about half way through. Ran a mcafee scan once i was all done and everything was gone. I noticed though that my husband didnt have mcafee automatically scanning for viruses, he’s only had the computer for about a month and it hadnt ran a scan since he got it. I’m not sure where he got the virus from, he said he was on facebook when it popped up. Frustrating as viruses are this worked. The only trouble i had was finding it once i downloaded it. I didnt pay attention to where it was saving it at. It ended up saving it in my music file. Thanks howtogeek, my husband thinks im a computer whiz now.

Like so many others here, my 11-year-old daughter panicked and clicked on the wrong button when this popped up on her computer. I ran her virus checker – Webroot antivirus with antispyware. It found it, and supposedly got rid of it. Of course, it came right back. So I went into safe mode, ran a scan again, supposedly got rid of it, and again, it came back. I went through this routine for about an hour, and every time, it came back. Then, like others here, I noticed that it had an entry on the start menu. I went into properties, brought up the folder containing the program, which was a long line of numbers like others have mentioned here, and deleted it manually. I then went back into the start menu and deleted the shortcut. This seems to have worked – so far, so good. What pisses me off is that we purchased a virus scanner with her new pc, but I had to (and was able to) get rid of this threat by my little own lonesome self. I know virus software is important – we use Eset on our computer, which is much better. But as far as I am concerned, Webroot blows!

I FREAKED OUT! when i saw this virus had taken over my computer, and it wouldn’t let me run any executable files. i finally got it off by starting my computer in safe mode, and then just deleting the file like I would do any other file. it lives in PROGRAM DATA and has a funny name with many numbers. RECYCLE BIN! :D

My recovery tactic for any kind of infection: Virus Spyware/Malware (for when basic tools like avg, spybot, clamwin, etc. fail to do the job)

-Boot into a liveCD/DVD distro of linux (Knoppix, Linux Mint & Ubuntu are fairly good for this)

-Mount the hard drive of the computer

-Backup your document files and stuff you don’t want to lose (if you haven’t backed them up already) to an external drive (a large USB storage drive is often good for this).

-once your data is rescued – then reinstall windows.

*TIP*
if the virus has a stronghold on boot partitions or keeps reappearing after reinstalling – you can use the linux live CD/DVD partition tools to regenerate a new partition table or format a partition. This gives windows no choice but to reformat the partitions when there is no recognized windows filesystem. Thus wiping out any functional traces of previous files on the drive.

– once you’ve reinstalled windows – install all your reputable security software and get all updates to toughen up your system before it does anything else.

– install your favourite applications.

*TIP*
Make a secondary account for yourself – give it basic permissions so that you have an administrator account AND a limited account. Use the limited account at all times unless you need to do some changes like install a program. Avoiding use of the administrator account reduces your chances of getting infected badly. (so that you could wipe and recreate the user account whenever you get a minor infection.

Personally from my opinion – unless you got something specific that only runs in windows that you can’t live without. I reccommend giving linux a go.

After installing, i first started to become suspicious when it would say ~”trojan found in ” (i know, as i wrote these apps MYSELF!).
I was quickly running out of ideas on how to remove it. It wouldn’t allow ANY .exe to run (eg to load a process-killing app). It wouldn’t even run NOTEPAD!!. This is the MOST “aggressive” malware i’ve ever come accross.
But somehow it “bit itself in the b**”, as it CRASHED, thereby allowing me to invoke Task Manager, and to remove it’s process, and all was back to normal (thankfully).
I then, via it’s Start Menu entry, found it’s .exe location (“C:\Documents and Settings\\Application Data” –> 44750907.exe), and deleted it.
Then as well, to tidy things up, I deleted it’s “run on startup” entry (used a startup-manager).
Previous to that, i had one a search of C:\ for all files created (when i installed this malware). It found the .exe (as above), but i couldn’t delete it as it was still running (didn’t think to rename it). And there were no other new files on the system.
So that was simple – no need for reinstalling Windows, or even running an anti-malware program.

I have had this and another variant and searched for solutions. I tried to run Antispyware and MalwareBytes neither of which would run. I rebooted and things got worse, I could not run anything.

I rebooted again into linux and began researching. I came across a forum posting somewhere (sorry this was a while ago so a bit hazy) where the poster said Security Tools runs from a filename which is just a number and that it is a different number for each different computer. I think it was associated with the user profile. Anyway the poster recommended deleting it then running Antispyware and MalwareBytes and all would be well. After that deleting any proxy settings in your browser options restores internet access. So a similar solution to computer guy but the key thing is for you the file will not be 44750907.exe.

I lloked and found a file with a numerical name AND in my case it even had a Security Tools icon associated with it. I deleted rebooted to Vista, and no Security Tools, I ran the anti programs, reset proxy settings and good as new but I do wonder what was left behind.

The variant I had was a little different but I shut down straight away and performed a similar procedure and all was good. I have never had anytthing like this before even with years of running no antivirus software and then twice in a week.

Guys if you have any issues with any virus or any hacker related issues pls give me a mail or call at +917259178503.And if i am not busy.I gurantee that your virus or hacker is dead. I am not mentioning any troubleshooting because every issue have a root cause and needs to be tackled in a different manner.
So be aware or awake when you are on Internet.Dont fall prey to any hacker or any virus.

Security Tool
Malwarebytes removed three Trojans and one virus initially however the “Tool” kept popping up.
Malwarebytes has a procedure for specifically removing ST at their site I noticed in the “cures” in the comments I failed to see a mention of going to the Safe Mode (F8) at boot, then working Malwarebytes magic from there. Worked beautifully on two computers infected at the same time. I was able to download a couple of helpful programs while in the Safe Mode.
After removal, ran Microsoft Security Essentials and finished with a de-frag.

I tried using SUPERAntiSpyware, but that didn’t help. I ended up restarting in Safe Mode with Networking and downloading MalwareBytes. I ran a full scan and followed directions for removing threats/infections, then restarted. Problem solved!

Microsoft® is working to get standard with Windows 8 ®
(That Will be released in 2012)
A Antivirus Called “Security Windows Protection 8 ®”
And It Can Stop Any Spyware , Virus , Worm , Trojans , …
And if there will be a Virus or Spyware that “Did” infect your PC
Then you will get Payed For that because of warning Microsoft®
and we will Update the Antivirus and even that ‘New” Virus
can not Infect you PC or Notebook

Dear Custommers Of Microsoft®
Microsoft® is working to get standard with Windows 8 ®
(That Will be released in 2012)
A Antivirus Called “Security Windows Protection 8 ®”
And It Can Stop Any Spyware , Virus , Worm , Trojans , …
Because its impossible for Any Virus To Get even Trought the,
First step of what virusses do , so dont worry with Windows 8 ®
And if there will be a Virus or Spyware that did “Infect” your PC
Then you will get Payed For that because of the warning for Microsoft®
because then we can Update the Antivirus and then even that ‘New” Virus
can not Infect you PC or Notebook

this antivirus 2011 attacked into a download of EXPLORE 8… I can’t get rid of it and it has taken over my computer…I am not a geek and looks like I will have to send it into repairs..I would say that it is a crime that people can do these things and get away with hurting other internet users. What can be done against these thugs? I have re-booted, ex all the virus spyware etc. and it still has a hold on my computer. i follow the GEEK guide with no help and now my lap top is fried. I am just venting on my other computer, but there outta be a law against these hackers and their assets frozen. surely someone process their proceeds.

i think i got most of the malware stuff off.. but i still cant use the internet on my account.. i can get of the user accont and use the internet on the but it wont let me search anything on search engines like google and bing.. anyone know why?

WOWZERS! Thank you, what a lifesaver you are GEEK!!!!!
I followed your instructions and did the following:

1) Restarted computer on Safe Mode with Networking

2) Downloaded SUPERAntiSpyware (took a few hours)
then afterwards it found about 74 unwanted files

3) Restarted the computer back in Safe Mode and downloaded
the software MalwareBytes, it ran a scan and found more unwanted
programs. After that it quarantined all files and I restarted the computer
once more and FINALLY I could use my computer again!
Back to normal!

Thank you so much Geek! Hopefully this doesnt happen in the future again, I’ll be more careful now :)